Richard Lynch wrote:
Al wrote:
Essentially, I'm creating warning reports for my users, not code errors. The users can then email the warnings to our webmaster.
Jason Wong wrote:
On Monday 06 December 2004 14:19, Rory Browne wrote:
$result = mysql_db_query($db,"select count(*) from $table") OR $values['msg']= $values['msg'] . "Could not connect to mySQL Table: $table";
//tech notes and db table stuff
The calling page echoes $values['msg'] in nice red text.
Here's what's wrong with this plan:
#1. You are exposing the fact that you use MySQL to users. So malicious users don't need to figure out that you are using MySQL: They can just start trying all the MySQL things to break into your server.
As a general rule, you do not want users to know what software/version you are running.
While this does fall into the "security by obscurity" category, which is generally not "good", there are compelling arguments for making it harder for the bad guys to figure out what software you are using.
#2.
They won't.
Oh, sorry.
The USERS will *NOT* email your message to the webmaster. Oh, some will. Most, however, will email your webmaster with oh-so-useful messages like:
"I was on your website, and I got an error message, and it's broken.
HELP!"
Put the details you need to debug your software in a place where your webmaster can read them, no matter what the user does to mangle, shorten, or otherwise ruin the message.
http://php.net/error_log is good for this.
#3. It's just Bad Form to tell users a bunch of crap they don't understand, don't care about, and can only be puzzled by. The message the users see should be more like: "Website down for maintenance. Please try again later."
The error messages you need to FIX the site are in the Apache log (or your own logfile) where they belong.
There might be some exceptions to all this -- If you have only one or two admin people, whom you trust to actually copy & paste the error messages and send them to you, displaying them on those admin screens is not so bad. That user is probably your client who already knows what software is in use (or can find out easily) and isn't likely to sabotage their own site, and can maybe be trained to do the right thing... OTOH, logging to a file and giving them a message they understand ("Something broke. Call Rich and tell him what you were doing.") is probably better anyway.
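As an added illustration of the split Richard describes (full detail to the server log via error_log, a generic message to the user), not code from the thread: it rewrites Al's count(*) check on top of mysqli, and assumes an existing mysqli connection $db and a table name chosen by the program, as in the original snippet.

```php
<?php
// Added example, not code from the original thread.
// Assumes: $db is an open mysqli connection; $table is set by the application
// (a name the program chose), not taken from user input.

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // failures throw
ini_set('display_errors', '0');  // never render PHP errors into the page
ini_set('log_errors', '1');      // route them to the error_log instead

// The only text a user ever sees: no product name, no table, no driver text.
const USER_MSG = 'Website down for maintenance. Please try again later.';

function count_rows(mysqli $db, string $table, array &$values): ?int
{
    try {
        $result = $db->query("SELECT COUNT(*) FROM `$table`");
        $row = $result->fetch_row();
        $result->free();
        return (int) $row[0];
    } catch (mysqli_sql_exception $e) {
        // Everything the webmaster needs goes to the log, unmangled by the user:
        // script, table, MySQL error number and driver message.
        error_log(sprintf('%s: count(*) on %s failed: (%d) %s',
            $_SERVER['SCRIPT_NAME'] ?? 'cli', $table,
            $e->getCode(), $e->getMessage()));
        // The calling page echoes this in red, as before; it is now safe to show.
        $values['msg'] = USER_MSG;
        return null;
    }
}

// Calling page, as in the original: echo $values['msg'] in red when set.
$values = ['msg' => ''];
$n = count_rows($db, 'tech_notes', $values);
if ($n === null) {
    echo '<p style="color:red">' . htmlspecialchars($values['msg']) . '</p>';
}
```

The log line lands in Apache's error log (or whatever error_log points at), so the detail survives no matter what the user forwards.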
I greatly appreciate your taking an interest in my question.
I didn't explain all the details since I was trying to keep my message short.
My users are not public. They are a few selected individuals who only have access via an Apache authentication dialog.
Thanks....
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php